main.tf

locals{
    project_name_string = substr(lower(replace(var.project_name, "/\\s/", "-")), 0, 25)    
    curl_body           = {
        kind               = "project"
        security_contact   = var.security_contact
        mcomm_group_email  = var.mcomm_group_email
        shortcode          = var.shortcode
        vpn                = var.vpn  
        dt_phi             = var.dt_phi
        dt_ferpa           = var.dt_ferpa
        dt_pii             = var.dt_pii
        dt_glba            = var.dt_glba
        dt_hsr             = var.dt_hsr
        dt_ssn             = var.dt_ssn
        dt_acp             = var.dt_acp
        dt_it_sec_info     = var.dt_it_sec_info
        dt_itar            = var.dt_itar
        dt_pci             = var.dt_pci
        dt_fisma           = var.dt_fisma
        dt_other_data      = var.dt_other_data
        dt_other_data_info = var.dt_other_data_info
    }
}

resource "random_id" "id" {
    byte_length = 2
}

resource "google_project" "gcp_project" {    
    name = var.project_name
    project_id = var.project_id == "" ? "${local.project_name_string}-${random_id.id.hex}" : var.project_id
    folder_id = var.folder_id
    billing_account = var.billing_id
    auto_create_network = false
    labels = {
        "shortcode" = var.shortcode 
    }
}

resource "google_project_service" "compute_api" {
  project = google_project.gcp_project.project_id
  service = "compute.googleapis.com"
}

resource "google_project_service" "pubsub_api" {    
    project = google_project.gcp_project.project_id
    service = "pubsub.googleapis.com"
}

module "iam" {
    source            = "./modules/iam"
    project_id        = google_project.gcp_project.project_id
    mcomm_group_email = var.mcomm_group_email
}

module "logging" {
    source                       = "./modules/logging"
    project_id                   = google_project.gcp_project.project_id
    log_export_destination_topic = var.log_export_destination_topic
}

module "network" {
    source = "./modules/network"
    project_id     = google_project.gcp_project.project_id
    vpc_prefix     = var.vpc_prefix
    gke_vpc_ranges = var.gke_vpc_ranges
}

module "vpn" {
    source = "./modules/vpn"
    count  = var.vpn == true ? 1 : 0

    project_id      = google_project.gcp_project.project_id
    regions         = var.regions
    vpc_prefix      = var.vpc_prefix
    network_size    = var.vpn_network_size
    bgp_network     = var.vpn_bgp_network
    cloud_asn       = var.vpn_cloud_asn
    # um_vpn_endpoint = var.um_vpn_endpoint
}

# ## Receiving 404 error ##
data "google_service_account_id_token" "customer_db_token" {
    target_audience = var.customer_db_cloud_function_url
}

resource "null_resource" "customer_database" {
    triggers = {
        security_contact   = var.security_contact
        mcomm_group_email  = var.mcomm_group_email
        shortcode          = var.shortcode
        vpn                = var.vpn
        dt_phi             = var.dt_phi
        dt_ferpa           = var.dt_ferpa
        dt_pii             = var.dt_pii
        dt_glba            = var.dt_glba
        dt_hsr             = var.dt_hsr
        dt_ssn             = var.dt_ssn
        dt_acp             = var.dt_acp
        dt_it_sec_info     = var.dt_it_sec_info
        dt_itar            = var.dt_itar
        dt_pci             = var.dt_pci
        dt_fisma           = var.dt_fisma
        dt_other_data      = var.dt_other_data
        dt_other_data_info = var.dt_other_data_info
    }

    provisioner "local-exec" {
        command = "curl ${var.customer_db_cloud_function_url} -H \"Authorization: Bearer ${data.google_service_account_id_token.customer_db_token.id_token}\" -H \"Content-Type: application/json\" -d '${jsonencode(local.curl_body)}'"
    }
}